Version Control for Linux Configuration (/etc) with etckeeper

Keeping a version history of files under /etc is essential for maintaining a healthy system. The benefits of tracking changes to /etc include:

  • Documentation: The log messages that are attached to configuration changes serve as documentation. These log messages record who made the change, when and why. Understanding the contents of a config file becomes much easier if you have a full history of the changes that were made to this file.
  • Troubleshooting: Misconfiguration can result in a variety of problems. When a service starts to misbehave, one of the things you can do to troubleshoot the issue is to check the version history of its config file. There, you can see if any changes were made around the time frame in which the problem happened. If you spot a change that may be causing the issue, you can easily revert it to fix the problem.

You can set up your own repository to track changes to /etc, or you can use a tool called etckeeper to handle the setup for you. This tool supports multiple version control systems, including Git, Mercurial and Bazaar. It integrates with the package management systems of a number of Linux distros, including APT (used by Debian, Ubuntu), YUM (RedHat, CentOS, Fedora), Pacman (Arch Linux). Using etckeeper instead of rolling your own has some advantages:

  • etckeeper integration with package managers means than you don't need to manually commit changes in /etc after installing packages.
  • etckeeper comes pre-configured with a list of files that live in /etc but usually do not benefit from version control (like some cache files).

Read on to learn how to install, configure and use etckeeper.

Installing etckeeper

To install etckeeper on Debian or Ubuntu, run:

$ sudo apt-get install etckeeper

If you use another Linux distro, search the packcage list in your package manager. If etckeeper supports your system, you will probably find it there. Otherwise, you can download the source from the official site of etckeeper.

Configuring etckeeper

Next, let's configure etckeeper. Open /etc/etckeeper/etckeeper.conf in your favorite editor. The first option that you need to look at is VCS, which is the version control system you want to use. By default it's set to git, but you can change it to hg or bzr depending on your preference. I use git myself, but most of this article should apply to etckeeper regardless of the version control system you choose.

Another option that I recommend looking at is AVOID_COMMIT_BEFORE_INSTALL. By default, etckeeper will automatically commit any pending changes when you install packages. I find this behavior undesirable, as it may commit unfinished changes. I disable it by setting AVOID_COMMIT_BEFORE_INSTALL to 1.

If you installed etckeeper from source, have a look at HIGHLEVEL_PACKAGE_MANAGER and LOWLEVEL_PACKAGE_MANAGER and change them depending on the package manager of your system.

Using etckeeper

With this, we are done with configuring etckeeper. Let's create a repository now:

$ cd /etc
$ sudo etckeeper init
$ sudo etckeeper commit "Initial import"

This will create an empty repository and then commit the contents of your /etc directory to it.

From here, using etckeeper is not different from using the version control system you selected. Let's say you want to change your MySQL config; you can edit the file and then commit it as usual:

$ cd /etc
$ sudo vi /etc/mysql/my.cnf
$ sudo git commit -m "Commit message"

Tips

  • Always keep your changes atomic. Don't commit two unrelated changes in one commit. This will make your live easier later if you need to quickly revert a misconfigured file.
  • Write descriptive commit messages. One of the main reasons for using a version control system is knowing why a change was made.

  • If you need to install a package in the middle of a change to /etc, you need to record the change and revert to a clean state, install the package, and apply your recorded change again. In git, this is done like this:

    $ cd /etc
$ sudo vi mysql/my.cnf    # Make a change.
$ sudo git stash          # Record the change and revert to a clean state.
$ sudo apt-get install bc # Install a package.
$ sudo git stash apply    # Apply the recorded change.

See the man page of git-stash for more information.

Tags:

Comments

Nicholas J Kreucher
Nicholas J Kreucher's gravatar

Awesome! I was trying to do this by hand via git, and then discovered etckeeper. Nice writeup on it, got me going quickly. I love it supports yum and as well as apt.


Posted at 6:27 p.m. on May 9, 2010

Post a comment

HTML is not allowed. You can use markdown syntax to format your comment.